<?php
if (! defined('IN_WEB')) {
    exit('Access Denied');
}

class UserAction {

    protected $userModel;

    function __construct () {
        $this->userModel = new DbKooltaoModel('kooltao_user');
    }

    function hasPurview($enter, $ctrl='', $act=''){
        if($enter == 'admin'){
            $adminIsLogin = $this->adminIsLogin();
            if(!$adminIsLogin && !($ctrl == 'index' && in_array($act, array('login', 'install')))){
                header("Location:".LOGIN_URL);
                exit();
            }
        }elseif($enter == 'index'){
            
        }else{
            show_404_page();
        }
        
    }
    
    function adminIsLogin () {
        $now = time();
        if ($_SESSION['admin'] != true || ! $_SESSION['login_time'] ||
         $_SESSION['login_time'] < $now - 3600) {
            return false;
        }
        $_SESSION['login_time'] = $now;
        return true;
    }

    function logout () {
        unset($_SESSION['admin']);
    }

    function doLogin () {
        if ($_POST['login_token'] != $_SESSION['login_token']) {
            return - 1; //不允许登录
        } else {
            $user = $this->getUserByName($_POST['username']);
            if (empty($user)) { //用户不存在
                return - 2;
            }
            if ($user['pass'] != $this->secretPassword($_POST['passwd'])) {
                return - 3; //密码错误
            }
            
            if($user['role'] != ROLE_ID_ADMIN){
                return -4;
            }
            
            $now = time();
            $_SESSION['uid'] = $user['uid'];
            $_SESSION['username'] = $user['name'];
            $_SESSION['admin'] = true;
            $_SESSION['login_time'] = $now;
            return 1; //登录成功
        }
    }

    function ajaxLogin($data){
        $user = $this->getUserByEmail($data['email']);
        if (empty($user)) { //用户不存在
            return - 2;
        }
            
        if ($user['pass'] != $this->secretPassword($data['password'])) {
            return - 3; //密码错误
        }
        
            
        
        $now = time();
        $_SESSION['uid'] = $user['uid'];
        $_SESSION['username'] = $user['name'];
        $_SESSION['email'] = $user['email'];
        $_SESSION['login_time'] = $now;
        
        unset($user['pass']);
        return array($user); //登录成功
    }
    function getUserByName ($name) {
        $where = array(
            array(
            'name', $name
            )
        );
        return $this->userModel->getOne($where);
    }

    function getUserByEmail ($email) {
        $where = "email = '{$email}'";
        return $this->userModel->getOne($where);
    }
    
    function addUser ($data) {
        $data['email'] = trim($data['email']);
        if(!$this->validEmail($data['email'])){
            return -3;//email格式错误
        }
        $user = $this->getUserByEmail($data['email']);
        if ($user)
            return - 2; //已存在的邮箱
        $data['pass'] = $this->secretPassword($data['password']);
        $result = $this->userModel->insert($data);
        return $result ? 1 : - 1; //成功：失败
    }
    
    function secretPassword($pass){
        return md5($pass. SALT);
    }
    
    function validEmail($email){
        return preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/", $email);
    }
    function viewUser(){
        $sql = "SELECT u.* FROM kooltao_user u order by u.uid DESC";
        $this->userModel->query($sql);
        return $this->userModel->getList();

    }
}